- name: set root passwd
  user: name=root password={{ builder_rootpw }} state=present
  tags:
  - rootpw

- name: add mock user as 425
  user: name=mock uid=425 state=present home=/var/lib/mock createhome=yes system=yes
- name: make mock homedir 2775
  file: state=directory path=/var/lib/mock mode=2775 owner=mock group=mock
- name: add mock ssh dir
  file: state=directory path=/var/lib/mock/.ssh mode=700 owner=mock group=mock
- name: add mock ssh keys
  copy: src="{{ files }}/../roles/koji_builder/files//mock_auth_keys" dest=/var/lib/mock/.ssh/authorized_keys mode=644 owner=mock group=mock

- name: add ftpsync group
  group: name=ftpsync gid=263 system=yes state=present

- name: add ftpsync user
  user: name=ftpsync uid=263 group=ftpsync createhome=yes system=yes state=present

- name: add create-filelist script from quick-fedora-mirror
  copy: src="{{ files }}/scripts/create-filelist" dest=/usr/local/bin/create-filelist mode=0755 owner=ftpsync group=ftpsync

- name: add the ftpsync update-fullfiletimelist script
  copy: src="{{ files }}/scripts/update-fullfiletimelist" dest=/usr/local/bin/update-fullfiletimelist mode=0755

# ftbfs user = 264
- name: add ftbfs group
  group: name=ftbfs gid=264 system=yes state=present
  when: inventory_hostname.startswith('compose-x86-01')
  tags:
    - ftbfs

- name: add ftbfs user
  user: name=ftbfs uid=264 group=ftbfs createhome=yes system=yes state=present local=yes
  when: inventory_hostname.startswith('compose-x86-01')
  tags:
    - ftbfs

- name: add ftbfs script config file
  template: src=ftbfs.cfg.j2 dest=/etc/ftbfs.cfg
  when: inventory_hostname.startswith('compose-x86-01')
  tags:
    - ftbfs

- name: add ftbfs cache dir
  file: state=directory path=/home/ftbfs/.cache mode=2775 owner=ftbfs group=ftbfs
  when: inventory_hostname.startswith('compose-x86-01')
  tags:
    - ftbfs

- name: copy ftbfs weekly script
  copy: src="ftbfs.sh" dest=/usr/local/bin/ftbfs.sh mode=755
  when: inventory_hostname.startswith('compose-x86-01')
  tags:
    - ftbfs

- name: add ftbfs weekly cron job
  copy: src="ftbfs.cron" dest=/etc/cron.weekly/ mode=755
  when: inventory_hostname.startswith('compose-x86-01')
  tags:
    - ftbfs

# masher user 751
- name: add masher group
  group: name=masher gid=751 system=yes state=present

- name: add masher user as 751 - and group
  user: name=masher uid=751 group=masher home=/home/masher groups=mock,ftpsync local=true
# masher ssh keys and config
- name: add masher ssh dir
  file: state=directory path=/home/masher/.ssh mode=700 owner=masher group=masher
- name: add masher ssh keys
  copy: src="mash/masher.{{ item }}" dest="/home/masher/.ssh/{{ item }}" mode=600 owner=masher group=masher
  with_items:
    - id_rsa.pub
    - config

- name: add masher ssh priv key
  copy: src="{{ private }}/files/mash/masher.id_rsa" dest=/home/masher/.ssh/id_rsa mode=600 owner=masher group=masher

- name: add masher koji cert/key
  copy: src="{{ private }}/files/mash/masher.pem" dest=/home/masher/.fedora.cert mode=600 owner=masher group=masher

- name: add releng koji cert/key
  copy: src="{{ private }}/files/releng_key_and_cert.pem" dest=/root/.fedora.cert mode=600 owner=root group=root

# rawhide group
- name: rawhide group
  group: name=rawhide gid=265
# rawhide user 265
- name: add rawhide user
  user: name=rawhide uid=265 group=rawhide home=/tmp comment="rawhide compose account"

- name: make a bunch of dirs
  file: state=directory path={{ item }}
  with_items:
    - /pub
    - /pub/fedora-secondary
    - /epel
    - /mnt/fedora_koji
    - /var/spool/rsyslog

- name: add pkgs
  package:
    state: present
    name:
    - koji
    - strace
    - mock
    - krb5-workstation
    - nfs-utils
    - git
    - intltool
    - mutt
    - createrepo
    - pykickstart
    - httpd
    - hardlink
    - pungi
    - compose-utils
    - python3-productmd
    - ostree
    - python3-libmodulemd
    - python3-pdc-client
    - python3-koji-cli-plugins
    - python3-fedfind # needed by clean-amis.py script
    - python3-boto3 # needed by clean-amis.py script
    - python3-requests # needed by clean-amis.py script
    - make
    - nosync
    - python3-gobject
    - fedora-messaging # needed by pungi to emit fedora-messages.
    - python3-bugzilla # needed by ftbfs scrips/cron.
    - fedora-repo-zdicts # needed for pungi to make zchunk repodata
  tags:
  - releng

- name: add pkgs from infrastructure testing repo
  dnf: state=present pkg=python3-libpagure enablerepo=infrastructure-tags-stg

- name: add pkgs
  package:
    state: present
    name:
    - pungi-utils
  when: "'releng_compose' in group_names"

- name: Custom compose-koji
  template: src=compose-koji.j2 dest=/usr/bin/compose-koji
            mode=0755

- name: /etc/koji.conf
  template: src=koji.conf.j2 dest=/etc/koji.conf.d/compose.conf

- name: make a mnt/koji link
  file: state=link src=/mnt/fedora_koji/koji dest=/mnt/koji
  when: "'releng_compose' in group_names or 'releng_compose_stg' in group_names"

# Add skopeo for OCI Image management, only in stage first for testing
- name: add pkgs for OCI Image management
  package:
    state: present
    name:
    - skopeo
  when: env == "staging"

# put cron job in for branched compose
- name: branched compose cron
  copy: src="branched" dest=/etc/cron.d/branched
  when: inventory_hostname.startswith('compose-branched01.iad2')

# put cron job in for rawhide compose
- name: rawhide compose cron
  copy: src="rawhide" dest=/etc/cron.d/rawhide
  when: inventory_hostname.startswith('compose-rawhide01.iad2')

# put cron job in for cloud nightly compose
- name: cloud updates compose cron
  copy: src="cloud-updates" dest=/etc/cron.d/cloud-updates
  when: inventory_hostname.startswith('compose-x86-01.iad2')

# put cron job in for docker nightly compose
- name: docker compose cron
  copy: src="container-updates" dest=/etc/cron.d/container-updates
  when: inventory_hostname.startswith('compose-x86-01.iad2')

# put cron job in for regular ami deletion
- name: clean-amis cron
  template: src=clean-amis.j2 dest=/etc/cron.d/clean-amis
  when: inventory_hostname.startswith('compose-x86-01.iad2')

# put cron job in for IoT rawhide compose
- name: IoT rawhide compose cron
  copy: src="rawhide-iot" dest=/etc/cron.d/rawhide-iot
  when: inventory_hostname.startswith('compose-iot-01.iad2')

- name: Create /etc/pki/fedora-messaging
  file:
    dest: /etc/pki/fedora-messaging
    mode: 0775
    owner: root
    group: root
    state: directory
  tags:
  - config
  - releng

- name: Deploy the fedora-messaging CA
  copy:
    src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt"
    dest: /etc/pki/fedora-messaging/rabbitmq-ca.crt
    mode: 0644
    owner: apache
    group: apache
  tags:
  - config
  - releng

- name: Deploy the fedora-messaging cert
  copy:
    src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/pungi{{env_suffix}}.crt"
    dest: /etc/pki/fedora-messaging/rabbitmq-pungi.crt
    mode: 0644
    owner: apache
    group: apache
  tags:
  - config
  - releng

- name: Deploy the fedora-messaging key
  copy:
    src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/pungi{{env_suffix}}.key"
    dest: /etc/pki/fedora-messaging/rabbitmq-pungi.key
    mode: 0600
    owner: apache
    group: apache
  tags:
  - config
  - releng

- name: Install fedora-messaging config
  template:
    src: fedora-messaging.toml.j2
    dest: /etc/fedora-messaging/config.toml
    owner: apache
    group: apache
    mode: 0600
  tags:
  - config
  - releng

- name: install compose /etc/httpd/conf.d/compose.conf file
  copy: >
    src="compose.conf"
    dest="/etc/httpd/conf.d/compose.conf"
    owner=root
    group=root
    mode=0644
  notify:
  - reload httpd
  tags:
  - config
  when: inventory_hostname.startswith('compose-x86-01')
